差異處
這裏顯示兩個版本的差異處。
Both sides previous revision 前次修改 下次修改 | 前次修改 下次修改 Both sides next revision | ||
java:ldap [2016/03/30 23:53] tony |
java:ldap [2016/04/26 15:20] tony [SunCertPathBuilderException] |
||
---|---|---|---|
行 28: | 行 28: | ||
<code bash> | <code bash> | ||
./keytool -delete -keystore /opt/jdk1.8.0_60/jre/lib/security/cacerts -storepass changeit -alias tonytest | ./keytool -delete -keystore /opt/jdk1.8.0_60/jre/lib/security/cacerts -storepass changeit -alias tonytest | ||
+ | </code> | ||
+ | 修改密碼: | ||
+ | <code bash> | ||
+ | keytool -keystore "C:\Program Files\Java\jre1.8.0_66\lib\security\cacerts" -storepasswd -new newpasswd -storepass changeit | ||
</code> | </code> | ||
===== TLS already started ===== | ===== TLS already started ===== | ||
行 36: | 行 40: | ||
</code> | </code> | ||
會出現這問題,也有可能你是使用ldaps+636 port去做存取而產生的。(reference [[http://forum.spring.io/forum/spring-projects/data/ldap/19764-tls-and-setupauthenticatedenvironment|link]]) | 會出現這問題,也有可能你是使用ldaps+636 port去做存取而產生的。(reference [[http://forum.spring.io/forum/spring-projects/data/ldap/19764-tls-and-setupauthenticatedenvironment|link]]) | ||
- | ===== Test Spring API ===== | ||
- | <code java> | ||
- | public class Tester { | ||
- | public static void main(String[] args) { | ||
- | try { | ||
- | LdapContextSource contextSource = new LdapContextSource(); | ||
- | //contextSource.setUrl("ldap://superserver.tony.org:389"); | ||
- | //contextSource.setUrl("ldap://superserver.tony.org:389"); | ||
- | contextSource.setUrl("ldap://10.134.15.131:389"); | ||
- | contextSource.setBase("DC=tony,DC=org"); | ||
- | contextSource.setUserDn("CN=admin,DC=tony,DC=org"); | ||
- | contextSource.setPassword("123456"); | ||
- | contextSource.afterPropertiesSet(); | ||
- | |||
- | DefaultTlsDirContextAuthenticationStrategy strategy = new DefaultTlsDirContextAuthenticationStrategy(){ | ||
- | @Override | ||
- | protected void applyAuthentication(LdapContext ctx, String userDn, String password) | ||
- | throws NamingException { | ||
- | super.applyAuthentication(ctx, userDn, password); | ||
- | ctx.addToEnvironment("com.sun.jndi.ldap.read.timeout", "20000"); | ||
- | } | ||
- | }; | ||
- | |||
- | strategy.setHostnameVerifier(new HostnameVerifier() { | ||
- | |||
- | @Override | ||
- | public boolean verify(String paramString, SSLSession paramSSLSession) { | ||
- | System.out.println("ignore verify"); | ||
- | return true; | ||
- | } | ||
- | }); | ||
- | |||
- | contextSource.setAuthenticationStrategy(strategy); | ||
- | |||
- | |||
- | LdapTemplate ldapTemplate = new LdapTemplate(contextSource); | ||
- | ldapTemplate.afterPropertiesSet(); | ||
- | |||
- | |||
- | Filter filter = new EqualsFilter("uid", "tonylin"); | ||
- | |||
- | boolean authed = ldapTemplate.authenticate("ou=supermicro", filter.encode(), "123456"); | ||
- | |||
- | System.out.println("Authenticated: " + authed); | ||
- | } catch (Exception e) { | ||
- | e.printStackTrace(); | ||
- | } finally { | ||
- | ThreadUtil.sleep(15000); | ||
- | } | ||
- | } | ||
- | |||
- | } | ||
- | </code> | ||
===== Articles ===== | ===== Articles ===== | ||
* [[java:ldap:openldap|OpenLDAP]] | * [[java:ldap:openldap|OpenLDAP]] | ||
* [[java:ldap:jndi|JNDI API]] | * [[java:ldap:jndi|JNDI API]] | ||
+ | * [[java:ldap:spring|Spring API]] | ||
+ | * [[java:dalp:ad:enable_certificate|Enable SSL/TLS on Windows AD]] | ||
===== Reference ===== | ===== Reference ===== | ||
==== Auth & Security ==== | ==== Auth & Security ==== |